[Emerging-updates] Daily Ruleset Update Summary 10/23/2013

Francis Trudeau ftrudeau at emergingthreats.net
Wed Oct 23 13:49:25 HADT 2013


 [***] Summary [***]

3 new Pro rules, 3 new open.  Sakura, Angler EK, Flashpack, Simda.


 [+++]          Added rules:          [+++]

Pro:
  2807143 - ETPRO TROJAN Win32.RatTool Checkin (trojan.rules)
  2807144 - ETPRO POLICY Potentially Unwanted Program Checkin (policy.rules)
  2807145 - ETPRO TROJAN Backdoor.Win32.Simda.abpn Checkin (trojan.rules)
Open:
  2017628 - ET CURRENT_EVENTS Possible Sakura Jar Download Oct 22 2013
(current_events.rules)
  2017629 - ET CURRENT_EVENTS FlashPack Oct 23 2013 (current_events.rules)
  2017630 - ET CURRENT_EVENTS Angler EK encrypted binary (1)
(current_events.rules)


 [///]     Modified active rules:     [///]

  2006357 - ET MALWARE User Agent (TEST) - Likely Webhancer Related Spyware
(malware.rules)
  2006435 - ET SCAN LibSSH Based SSH Connection - Often used as a
BruteForce Tool (scan.rules)
  2006546 - ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce
Attack! (scan.rules)
  2016803 - ET TROJAN Known Sinkhole Response Header (trojan.rules)
  2017626 - ET CURRENT_EVENTS 81a338 Hacked Site Response (Inbound)
(current_events.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20131023/f12eac34/attachment.html>


More information about the Emerging-updates mailing list